My friend and I were talking about VPNs, and he said if I am logged into Google essentially my browsing is not anonymous, even with a VPN and blocking Google Analytics and Facebook plugins. Seen as I am always logged in on Chrome this seems a big hole in my figurative tin foil hat.
So a.) is this correct and b.) is there anyway around this apart from remaining logged out, which then removes all the convenience I get from Google (I have a Chromebook so this would suck).
Thanks, and sorry if this is a fairly noob question.
Using a VPN on its own does not necessarily facilitate anonymity. Logging into google, or Facebook or whatever else as yourself effectively ties the IP address of the VPN server to your personal information.
For many people, myself included, that’s okay. I use a VPN primarily to obscure my bittorrent usage and get around geo-blocking.
If your ‘threat model’ is avoiding passive metadata collection by government entities instead of avoiding copyright trolls, then that changes things. Chromebook (and google in general) is going to hurt your anonymity no matter which way you swing it. You want to purchase a VPN anonymously (read: using Tor) with a crypto-currency. You want to use a computer that doesn’t have a hard drive and boot from something like Tails to use the Tor network somewhat securely. You want to connect to the Tor network through your VPN instead of directly to obscure the fact that you’re using Tor. You want to use an internet connection that is not your own. Ideally one that can’t be traced to you geographically.
So the answer to your question is yes it’s a problem if your goal is anonymity and no, there isn’t much you can do to work around the problem.
Keep in mind that even if you master all of the tools laid out in the guide I linked, there’s still a non-trivial chance that said government entities will know enough about what you do to find you.
There are more things other than being logged to a Google account to identify a user or a computer. It could be browser fingerprints, the way you write, what kind of words you search, etc.
If you have logged into your Google account without VPN before, and then logged in with it, then Google now knows that “a certain user using this device has hopped from a usual IP to a foreign one, which belongs to a VPN provider”. It doesn’t even have to be Google, any website the user frequents could do the same with enough data and time.
There are ways to avoid this, but I don’t think I know enough about it.